Preview

IS3110 Unit 1 assignment 1

Satisfactory Essays
Open Document
Open Document
382 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
IS3110 Unit 1 assignment 1
Application of Risk Management Techniques
Treats that this company is vulnerable to are but not limited to tornado, malware, equipment failure, stolen data, DoS attacks & social engineer. The like likelihood of each is moderate to high. Headquarter is located right in tornado alley. Since this building house all three serves, a direct hit would result in a total loss. Since the users connect to the LAN with Windows Vista which is very outdate the risk of malware is also high. Along with having all three servers in a central location, there is no mention of any backup locations or even if a DRP is in place. Therefore equipment failure (loss of data) is very high. There is a mention of a direct attached storage but it appears that there is no AUP in place. This means everyone has access to the data. Stolen confidential data of a customer is a serious and costly risk. There is no mention of any firewalls in place. If the servers are not protected by firewalls or intrusion detection systems can result in loss of availability. Users and social engineering is the weakest and easily the most vulnerable. Lack of access controls and security awareness can result in serious loss of confidentiality and hackers are real threat in today’s world. With the sales people accessing the network through a home office and share internet connection with headquarters, this is the bulk of the concern.
For each risk listed the following should be implanted:
• Tornado- the vulnerability here is location. You can either accept the risk by doing nothing because of the location or what I suggest is mitigate the risk by purchasing insurance.
• Malware-outdated software. This vulnerability can be avoided by installing anti-virus and keeping it updated.
• Equipment failure-no backup’s setup. This is another vulnerability that can be avoided by performing regular backups and keeping them at an offsite location.
• Stolen Data-access controls not implanted. Since the company has a direct

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Jennifer’s full time position as Sales would need Sales access for her primary position. She should only have By Position access to Accounts Payable when she is working that position. She would need Read Only for Shipping and Receiving in order provide customers with information on inventory availability. Neither of her positions should have required her to have full access to Shipping and Receiving.…

    • 252 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Global Limited is a global provider of infrastructure information systems, whose services cater to a wide range of industry sectors. One of Global Limited’s business objectives is information security for their clients. In order to provide their clients with information security, Global Limited has utilized a risk management approach to protect their client’s information.…

    • 515 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Is3350 Unit 4 Assignment

    • 414 Words
    • 2 Pages

    IT projects are very different from other projects (like construction projects) in almost every aspect from initiating to releasing the project. Because these projects are mostly very diverse in term of cost, size and complexity. They often include a team having members of diverse knowledge, background and skills and the technologies involved are also diverse. A lot of technical teams are involved in developing something that may look acceptable for outsiders.…

    • 414 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    In order to try and correct the issue of the window of vulnerability (WOV), the LAN administrator needs to get the patch from Microsoft. Upon contact Microsoft has determined that it will take up to no less than three business days for the patch that we requested to be made available to us. Once we receive the patch we would need approximately several hours to download and then test out the patch to be certain that the patch will work and that this is the correct action to take to fix the Window of Vulnerability and seal the security breach on the Server Message Block server. Upon completion of testing the IT staff would need to hold a meeting to assess the quickest and most correct course of action to take after the patch has been installed to determine how to apply the patch apply it to the server and also to client computers depending on the process the IT staff decides to take it can take anywhere from one to three business days for the completion date to be met. If the IT staff were to work around the clock for overtime in shifts and the security breach was reported on a Friday with three days for the patch to be made and a week to troubleshoot and test the patch.…

    • 391 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    It230 Unit 3 Assignment 1

    • 5629 Words
    • 23 Pages

    We declare that the this project proposal report or part of it was not a copy of a document done by any organization, university, any other institute or a previous student project group at SLIIT and was not copied from the Internet or other sources.…

    • 5629 Words
    • 23 Pages
    Powerful Essays
  • Good Essays

    IS4560 Unit 3 Assign 1

    • 779 Words
    • 3 Pages

    systems from the network diagram. A security control is any mechanism that you put in…

    • 779 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Which of the following answers are true about random-access memory (RAM) as it is normally used inside a personal computer? ( choose two answers)…

    • 957 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    I'm one of the TAs for the online class CGS2531 this Fall Semester. I completed the required online training sessions: FERPA Basics and Preventing Harassment. Please find attached to this email the certificates of completion of the aforementioned courses. Let me know if there is any other information or training session needed.…

    • 52 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    * The hackers can gain access to a company’s payment processing network. The attackers then installed malicious code designed to gather sensitive information from the network, which allowed them to easily access the network at their convenience.…

    • 275 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    Is 305 Week 3 Quiz

    • 577 Words
    • 3 Pages

    Using the workstation domain, define risks associated within that domain and explain what can be done to reduce risks in that domain.…

    • 577 Words
    • 3 Pages
    Good Essays
  • Good Essays

    The computer system for ABC Healthcare is a unified network containing multiple elements. It consists of multiple computers connected a single Internet access point. The wireless access point allows for external and internal connections but does not distinguish between employees and customers. There is only one server for the entire company and there are no security separations within the network. The network does not have any firewall to prevent access from outside and a single switch moderates all internal connections. The use of personal computers is allowed with unmonitored connections to the system. The printer is connected directly to the network.…

    • 822 Words
    • 4 Pages
    Good Essays
  • Best Essays

    Bt1110 Unit 1 Assignment

    • 1396 Words
    • 6 Pages

    From the case study we can see that in 2014, both the company’s revenue and net profit had an increase of 7% and 3% respectively when compared to 2013. The increase was due to the ongoing marine projects overseas and infrastructure business, this would suggest that the company’s property business may not be as strong. The case study also explains that 2015 will be a tough year for Polar, due to a severe drop in oil prices as Polar has its Marine business. Furthermore the Eurozone market recovery remains weak and China is expecting to grow at a slower rate, as China exports most of its products and services to the rest of the world, many countries including Singapore will be affected if Power house countries such as China slows…

    • 1396 Words
    • 6 Pages
    Best Essays
  • Satisfactory Essays

    Risk of Life

    • 287 Words
    • 2 Pages

    2: Possible network-wide failure because of a computer virus or malfuntion (like Y2K, except real).…

    • 287 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    The most salient indicator of a well-prepared company is the extent of its backup activities because natural disasters can destroy physical computers and supporting infrastructure. The company can use offsite locations for data storage and backup by mease of creating a hot sites that can be created in a different geographical location, with the replication of data so that when a disaster occurs,the backup can be used immediately without delay.(JIBC April 2010, Vol. 15,…

    • 1283 Words
    • 6 Pages
    Powerful Essays
  • Best Essays

    IOP3073 Assignment 1 2014 V2

    • 3449 Words
    • 13 Pages

    4.1 Types of possible opportunities available to an individual within the four core domains of partagogy.…

    • 3449 Words
    • 13 Pages
    Best Essays